Privacy Policy
Last updated: July 18, 2026
This policy explains what data earlyuser.app collects when organizations run beta campaigns and testers participate in them, how that data is used, and who it's shared with.
What We Collect
- Organization account data: owner/admin email and session data, managed through Better Auth.
- Tester data: email, name, referral code, and referral relationships (who referred whom, referral count) collected when a tester joins a campaign.
- Feedback and discussion content: bug reports, feedback submissions, and discussion board posts testers submit through the portal.
- Automatically collected data: IP address, captured by our rate-limiting middleware to prevent abuse of the intake API and webhook system.
How We Use It
- To deliver the service: running campaigns, managing tester pools, and displaying feedback and discussion content to organization owners.
- To dispatch webhook events (
tester.joined,tester.confirmed,tester.installed,feedback.received) to the endpoints an organization configures. - To send transactional email (tester invites, verification, notifications) via Resend.
- To prevent abuse of the intake API through rate-limiting.
Who We Share It With
We share data with the infrastructure and service providers that run earlyuser.app: Resend (transactional email), Axiom (logging), and Cloudflare (hosting, database, and rate-limiting). These providers process data on our behalf and don't use it for their own purposes.
When an organization configures a webhook integration (Slack, Discord, Zapier, Make, n8n, GitHub Actions, or a custom endpoint), tester event data is sent to that endpoint. This is the organization's own configuration choice — earlyuser.app delivers the event, but what the organization's chosen integration does with it afterward is the organization's responsibility, not ours.
Data Retention
We retain organization account data, tester data, feedback, and discussion content for as long as your account is active and as necessary to provide the service. Expired sessions, tokens, and related logs are purged automatically on a daily basis. If you close your account, we may retain data as required to comply with legal obligations, resolve disputes, and enforce our agreements, after which it is deleted or anonymized.
Tester Rights
Testers can access and update their own profile and stats from their tester dashboard. There is currently no self-serve account deletion flow — to request deletion of your data, contact us using the information below.
Security
We use reasonable administrative, technical, and organizational measures to protect data, including infrastructure provided by Cloudflare and encryption in transit. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
Do Not Sell
We do not sell organization or tester personal data to third parties.
International Data Transfers
Our infrastructure runs on Cloudflare's global network, which may process or store data in locations outside your country of residence.
Cookies & Local Storage
We use a session cookie set by Better Auth to keep organization owners and testers signed in. Your theme preference (dark or light mode) is stored in your browser's local storage under the key eu-theme — this never leaves your device. We do not use analytics or advertising tracking cookies at this time.
Children's Privacy
earlyuser.app is not directed at children under 13, and we do not knowingly collect personal information from them.
Changes to This Policy
We may update this policy as the product evolves. Material changes will be reflected by updating the "Last updated" date above.
Contact
[LEGAL REVIEW: a support/contact email has not yet been designated. Add one here before publishing.]